# ImpactGuard Configuration File
[impactguard]
# Severity scores for change types (override defaults).
# The values below run from 0.1 (ADDED) to 1.0 (REMOVED); the accepted range
# is not stated in this file — presumably 0.0–1.0, confirm against the loader.
# NOTE(review): these overrides presumably feed the risk classification, so a
# lowered score can make a breaking change look harmless. Review edits to this
# table like code.
[impactguard.severity_scores]
"REMOVED" = 1.0
"REQUIRED" = 0.9
"POSITIONAL_REORDER" = 0.8
"KWONLY_REMOVED" = 0.8
# The two keys below must stay quoted: '*' is not allowed in a TOML bare key.
"*args_REMOVED" = 0.7
"**kwargs_REMOVED" = 0.7
"OPTIONAL" = 0.3
"ADDED" = 0.1
# Risk assessment thresholds
# NOTE(review): raising any of these presumably moves findings into a lower
# risk class, so a change here alters what the tool reports without any code
# change — confirm and track edits accordingly.
[impactguard.risk]
# Confidence threshold for UNKNOWN classification.
# Which side of the threshold maps to UNKNOWN is not stated here —
# presumably results below 0.3; confirm against the classifier.
confidence_threshold = 0.3
# Exposure threshold for HIGH risk
high_exposure_min = 0.1
# Exposure threshold for MEDIUM risk.
# Presumably must stay below high_exposure_min, otherwise the MEDIUM band
# would be empty — confirm whether the loader validates this ordering.
medium_exposure_min = 0.01
# Coverage target (from python-project-scaffold)
# NOTE(review): this is the only table outside the impactguard.* namespace;
# whether ImpactGuard itself reads it is not visible in this file.
# The unit is presumably percent (80 = 80%), unlike the fractional `coverage`
# value (0.57) recorded under [impactguard.robustness] — confirm before
# comparing the two.
[tool.coverage]
target = 80
# Patch confidence weights
# Four groups of weights, all between 0.2 and 1.0 in this file. How the groups
# are combined into a single confidence value is not visible here.
# NOTE(review): if a patch is applied automatically above some confidence,
# raising these weights widens what gets auto-applied — confirm how the result
# is consumed before tuning.
[impactguard.patches]
# Target certainty weights: highest when file or line number match, lower for
# a name-only match, lowest for the default case.
target_file_match = 1.0
target_lineno_match = 1.0
target_name_only = 0.5
target_default = 0.2
# Structural safety weights
structural_default = 1.0
structural_optional = 1.0
structural_kwarg = 0.8
# Lowest structural weight in this group.
structural_positional = 0.3
# Semantic risk weights
semantic_required = 0.6
semantic_default = 1.0
# Complexity penalty weights (all below 1.0, i.e. each one reduces the result
# if the weights are multiplied — presumably; confirm).
complexity_multiline = 0.7
complexity_decorators = 0.5
complexity_annotations = 0.5
complexity_nested = 0.5
# Runtime tracing
# NOTE(review): what the tracer records per sampled call is not visible here.
# If call arguments or return values are captured, the trace output can hold
# sensitive production data — confirm, and protect the output file
# (default_runtime_output under [impactguard.output]) accordingly.
[impactguard.tracing]
# Sample rate for production tracing (0.01 = 1%)
sample_rate = 0.01
# Flush interval for production tracer (seconds).
# Presumably sampled calls are buffered in memory between flushes, so up to
# one interval of data may be lost on an abrupt exit — confirm.
flush_interval = 10
# Output settings
# All four paths below are relative. What they are resolved against is not
# stated here — presumably the current working directory; confirm, and check
# whether an existing file at the same path is overwritten.
[impactguard.output]
# Default HTML report title
report_title = "API Risk Report"
# Default output file for HTML reports
default_html_output = "api_report.html"
# Default output file for JSON reports
default_json_output = "report.json"
# Default output file for runtime data.
# NOTE(review): presumably written by the tracer configured under
# [impactguard.tracing]. If it holds production call data, keep it out of
# version control and restrict who can read it.
default_runtime_output = ".runtime_calls.json"
# Robustness evaluation — last measured from empirical test runs
# Generated by: python tools/robustness_evaluator.py (see README for full command)
# These are recorded measurements, not tunables.
# NOTE(review): whether anything reads them back (for example as a release
# gate) is not visible here. Regenerate with the tool above rather than editing
# by hand, so the derived values below stay consistent with the counts.
[impactguard.robustness]
# Test composition: n_total = n_adversarial + n_normal (425 + 629 = 1054).
n_total = 1054
n_adversarial = 425
n_normal = 629
# One adversarial test is failing (424 of 425); every normal test passes.
passing_adv = 424
passing_norm = 629
# C in the formula for R below, stored as a fraction (0.57 = 57%).
coverage = 0.57
# α in the formula for R below: the weight given to the adversarial pass rate.
alpha = 0.65
# Primary metrics
# Check: 0.57 × (0.65 × 0.9976 + 0.35 × 1.0) = 0.5691.
# With both pass rates near 1.0, R ≈ C, so the FAIR label here is driven by
# coverage rather than by failing tests.
robustness_score = 0.5691 # R = C × (α × P_a + (1−α) × P_n)
robustness_score_with_diversity = 0.5691 # R_d (diversity penalty; D = 1.0)
robustness_label = "FAIR" # EXCELLENT ≥ 0.80 | GOOD ≥ 0.65 | FAIR ≥ 0.45 | POOR < 0.45
# Adversarial-specific metrics
# p_adversarial = passing_adv / n_adversarial (424 / 425).
p_adversarial = 0.9976 # P_a — adversarial pass rate
p_normal = 1.0000 # P_n — normal pass rate
# adversarial_ratio = n_adversarial / n_total (425 / 1054).
adversarial_ratio = 0.4032 # 40.3% ≥ 25% minimum ✓
# NOTE(review): F compares pass rates only. It says nothing about code the
# tests never reach, and coverage above is 0.57.
fragility_index = 0.0024 # F = 1 − (P_a / P_n); near-zero → robust
fragility_label = "ROBUST" # ROBUST ≤ 0.10 | MODERATE ≤ 0.25 | BRITTLE ≤ 0.50 | VERY_BRITTLE > 0.50
diversity_score = 1.0000 # D — all adversarial categories have ≥ 1 pass
# Per-category adversarial breakdown (from test_adversarial_taxonomy.py)
# NOTE(review): the four categories total 93 tests, all passing, while
# [impactguard.robustness] records n_adversarial = 425 with 424 passing.
# This breakdown therefore covers only part of the adversarial set, and the
# one failing adversarial test lies outside it. Presumably the remaining tests
# live in other test files — confirm.
[impactguard.robustness.categories]
boundary = { total = 28, passing = 28 }
semantic = { total = 22, passing = 22 }
evasion = { total = 24, passing = 24 }
compositional = { total = 19, passing = 19 }
# CLI settings
[impactguard.cli]
# Enable verbose output by default
verbose = false
# Auto-open reports after generation.
# Presumably launches a viewer on the generated report; keeping this false
# suits CI and other headless runs — confirm what is opened and how.
auto_open = false
# Logging settings
[impactguard.logging]
# Log level for the "impactguard" logger hierarchy.
# Recognised values: DEBUG, INFO, WARNING, ERROR, CRITICAL.
# NOTE(review): what DEBUG emits is not visible here. If it includes analysed
# source or traced call data, avoid DEBUG where logs are shared — confirm.
level = "WARNING"
# Log record format string (Python logging format).
# This format carries no timestamp field. If records go to a file that is
# later used to reconstruct a timeline, consider adding %(asctime)s.
format = "%(levelname)s [%(name)s] %(message)s"
# Optional path for a log file. Leave empty to log to stderr only.
log_file = ""
# Language support settings
[impactguard.languages]
# Languages to enable. "python" is always built-in.
# "typescript" requires: pip install "impactguard[languages]"
# NOTE(review): what happens when "typescript" is listed but the extra is not
# installed is not stated here. If those files are skipped silently, their
# changes would go unanalysed — confirm whether that case fails or only warns.
enabled = ["python", "typescript"]
# Override which language handles a given file extension.
# Useful for non-standard extensions (.mts, .cts, etc.).
# Extension keys must be quoted: an unquoted '.' is TOML's dotted-key separator.
# Add entries under the existing header at the end of this block. Do not also
# uncomment the example header, because defining the same table twice is
# invalid TOML.
# Example:
# [impactguard.languages.extension_overrides]
# ".mts" = "typescript"
# ".cts" = "typescript"
[impactguard.languages.extension_overrides]